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DETAILED ACTION 

1 . The Amendment, and remarks therein, received on 7/17/06 have been entered and 
carefully considered. 

1 . The Amendment introduces a new limitation into the originally sole independent 
claim 1 and 10 and dependent claims 5-6. 

2. The text of those sections of Title 35, U.S. Code not included in this action can be 
found in a prior office action. 

Response to Amendment 

3. Applicant's arguments have been carefully considered. 

4. Applicant amended claims 5-6 in an attempt to clarify the claim language. However, 
the claim language of claim 5 is still confusing. For example it is not clear whether 
"data stream stored in the determination of conformance is retained to enable a 
further check" recited in claim 5 attempts to point out some kind of a storage device 
or whether applicant continues to construct a noun using a verb-like phrase. The 
examiner suggests simplifying the language in order to clearly point out the claim 
limitations and avoid language ambiguity. 

5. As per claim 1 and 10, on page 6 and 7 applicant suggests that the art of record 
does not teach claimed limitations. Applicant supports the argument with the 
clarification of the intended meaning of claimed limitations without any concrete 
arguments that explicitly address the claimed language . As a result, it is not clear 
which limitations applicant contests when stating that Gupta and Pfleeger do not 
teach "these feature of the claimed invention". 
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The examiner addresses only explicitly recited limitations that are allegedly not 
taught by the art of record. The newly introduced limitations are additionally 
addressed in the current Office Action. 

Applicant argues that "Gupta and Pfleeger systems are not in a private network. Nor 
is ttiere an intermediate server"'. Instead, the cited references deal with a direct 
access from a computer to the Internet wherein the filtering means reside in the user 
terminal. 

The examiner points out that nowhere in the claim language applicant recites "an 
intermediate server". Furthermore, "protected or 'inside' network" (or Local Area 
Network) recited by Pfleeger reads on a private network. 

Applicant argues that Pfleeger does not discuss content filtering but rather packet 
filtering for routing purposes. 

The examiner points out that packets comprise content; thus, packet filtering reads 
on content filtering. It appears that applicant confuses content filtering with filtering 
based on data content . The claim language in claims 1 and 10 suggests only 
content filtering (e.g. filtering on said multimedia data stream) and do not further limit 
the filtering to content-based filtering. The disclosure of "filtering on said multimedia 
data stream" recited in claims 1 and 10 can be found in paragraph 15 of the previous 
Office Action. 

Applicant attempts to distinguish the art of record from applicants invention stating 
that: "in public network, it is the operator or the user who defines the filtering rules, 
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whereas in the present invention, it is the private network (i.e., the company 
managing the private networl<) which specifies the filtering rules. 
The examiner already established (see a response to the first argument) that the art 
of record is relevant to private networks. However, even if it was not the case it is 
not clear how applicant's argument is relevant to the invention as claimed . 
Furthermore, it is not clear how company and NOT the operator or the user define 
filtering rules. The examiner points out that a company is an abstract entity and 
company rules are defined by people, e.g. operators/users. If applicant meant that 
filtering was subcontracted to another corporation, applicant should place such a 
limitation into the claim language in order for the arguments to be applicable. 
Applicant attempts to distinguish the art of record by stating the differences between 
art of record with applicants invention reciting alleged differences and reasons for 
differences between a public and a private network. 

However, not only applicant provides no evidence support to all of applicant's 
assertion but also the relevance of applicants arguments to the art of record 
presented in rejection of claim language is not clear. 

As per applicant's argument that there is no temporary storing in the art of record the 
examiner points out that any computer device that receives data inherently 
temporarily stores the data. The receiving data, even if only for filtering purposes, 
would not be possible if a receiving device had no capability of storing data at least 
temporary, e.g. memory. 
6. In light of the remarks above, claims 1-2, 4-7 and 9-10 remain rejected. 
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7. Claims 1-2 and 4-10 have been examined. 
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Claim Rejections - 35 USC §112 

The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the Invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

8. Claims 1-10 are rejected under 35 U.S.C. 112, first paragraph, as failing to comply 
with the enablement requirement. The claim(s) contains subject matter which was 
not described in the specification in such a way as to enable one skilled in the art to 
which it pertains, or with which it is most nearly connected, to make and/or use the 
invention. 

In particular it is not clear how particular filtering criteria can be specified by a private 
network as recited in claims 1 and 10. A network is an abstract entity and it is not 
clear how a network and not a user can specify filtering criteria. 

9. Claim 1-10 are rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

It is not clear how particular filtering criteria can be specified by a private network as 
recited in claims 1 and 10, in particular since in Remarks (first paragraph, pg. 8) 
applicant attempts to distinguish filtering rules being defined by a network (e.g. the 
company managing the private network) rather than a person (e.g. an operator or a 
user). Although rules can be executed in an abstract entity such as a company (or 
by an abstract entity, e.g. a network device), the rules are defined by people. 
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10. Claim 5 remains rejected due to the lack of clarity. See Response to Amendment for 
details. 

For purposes of further examination the above are treated as best understood. 

Claim Rejections - 35 USC § 103 

11. Claims 1-2, 4 and 8-10 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Firewalls as illustrated by Pfleeger (Charles P. Pfleeger, "Security in 
computing", 2nd edition, 1996, ISBN: 0133374866) and Chapman (D. Brent 
Chapman and Elizabeth D. Zwicky, "Building Internet Firewalls", ISBN: 1565921240, 
1995) in view of Gupta et ai (U,S, Patent No. 6389532). 

As per claim 1-2, 8 and 10 Pf/eeger teaches a firewall that filter all traffic between a 
protected or "inside" network and a less trustworthy or "outside" network (Pfleeger, 
"What is a Firewall, pg. 428). Fig. 9-31 is an example of a firewall implemented 
between Local Area Network nodes and the Wide Area Networks. In particular 
Pf/eeger teaches that a firewall (in this case a screening router) filters traffic based 
on the sender's and recipients addresses for example (Pfleeger, "Screening Router"' 
section, pg, 429''430). 

This reads at leas on: "a storage unit for temporarily storing a data stream received 
from the computer network and addressed to a user terminal" and on "a control logic 
unit for filtering the multimedia data stream stored in the storage unit, the filtering 
authorizing or blocking transmission of the multimedia data stream to the terminal as 
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a function of particular criteria applied to the data stream received at the private 
access node". 

12. As per applicant's new limitations, the discussed above Pfleeger's disclosure 
recites inside or Local Area Network, which the examiner considers to be a private 
network. Thus, user terminals disclosed by Pfleeger to be inside of the firewall are 
terminals connected to the private network. Furthermore, the main purpose of 
firewalls is to restrict traffic to private networks in order to protect private resources 
(Chapman, "Preface", xxi, "What Is an Internet Firewall?" and 'What Can a Firewall 
Do?" pg, 17-19)] thus, the limitation of specifying particular filtering criteria by the 
private network is implicit. 

13. The limitations of claim 4, if not inherent, are at least implicit. Filtering is not 
instantaneous. The rule comparison involves computer execution that takes time. 
Similarly implicit is that multimedia data stream has been received with particular 
standards (e.g. TCP/IP) and then transmitted to the terminal if conformance is found. 
The purpose of filtering is to allow only permitted data to reach the desired 
destination. 

1 4. P/eeger does not explicitly teach analyzing a signature included in the data stream 
for the purpose of the filtering. 

Gupta et al. teach analyzing a signature included in the data stream for the purpose 
of the filtering (Gupta et ai, coL 2 lines 21-22). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to include analyzing a signature included in the data stream for the 
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purpose of the filtering in Pleeger's invention. One of ordinary skill in the art would 
have been motivated to perform such a modification in order to accept the data 
stream only from the authorized sources. 

15. Although neither Pleegernor Gupta et al. explicitly teach that the data stream is a 
multimedia data stream Pfleeger in view of Gupta et al. applies to all data types as it 
does not preclude filtering the multimedia stream data. Furthermore, requesting and 
receiving a multimedia data stream is old and well-known in the art of computing 
(e,g, Internet Browsing, U.S. Patent No. 6223292, in particular coL 6j. One of 
ordinary skill in the art at the time of applicant's invention would have been 
motivated to extend Pfleeger's invention into the multimedia data stream in order to 
provide a comprehensive protection of protected resources. 

16. The examiner points out that Gupta a/. 's teaching is used as an example of what 
is old and well-known practice: to include a signature indicating the existence of 
restrictions on the use of the multimedia data that it accompanies (the fact that it is 
well known is also noted by applicant in the specification, pg. 3 §3). In addition it is 
old and well-known to perform signature analysis in order to identify whether any 
restriction should be done on the use of the data (Active X, data integrity check in 
virus or intrusion detection environment). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to perform signature analysis in order to identify any restriction on the use 
of the data that the signature accompanies. One of ordinary skill in the art would 
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have been motivated to perform such a modification in order to take appropriate 
actions consistent with any discovered restrictions. 

Performing signature analysis and at least temporarily blocking transmission of the 
multimedia data stream received from the network to a use if the multimedia data 
stream incorporates a signature characteristic of restricted signaling rights would be 
implicit in order to restrict spreading out of suspicious (e.g. malicious) data. 

17. As per claim 9 Pfleeger (in view of Gupta et al.) in addition to exclusive access 
control (based on the source/destination addresses and/or ports) teach inclusive 
access control (e,g. "allow in only communications destined to the host at 
100,24.4.0", Pfleegen PQ- 429). 

18. Claims 5-7 are rejected under 35 U.S.C. 103(a) as being unpatentable over Pfleeger 
(Charles P. Pfleeger, "Security in computing", 2nd edition, 1996, ISBN: 0133374866) 
alternatively in view of Gupta et al. (U,S. Patent No. 6389532) and further in view of 
Gotten (U.S. Patent No. 6330590). 

1 9. P/eeger and Gupta et al. teach filtering an access control that decides to allow or 
disallow data transmission as discussed above. 

20. Neither P/eeger nor Gupta etal. teach retaining non-conformance data to enable 
interruption of a subsequently received data stream. 

Cotton teaches counting, for control purposes, the number of times that data of a 
particular content is received and retaining non-conformance data to enable 
interruption of a subsequently received data stream (col. 3 line 46-co/. 4 line 52), 
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It would have been obvious to one of ordinary skill in the art at the tinne of applicant's 
invention to retain non-conformance data to enable interruption of a subsequently 
received data stream as taught by Cotton, One of ordinary skill in the art would have 
been motivated to perform such a modification in order to filter not only non- 
permitted but also unwanted data. 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Peter Poltorak whose telephone number is (571) 272- 
3840. The examiner can normally be reached Monday through Thursday from 9:00 
a.m. to 4:00 p.m. and alternate Fridays from 9:00 a.m. to 3:30 p.m 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jacques Louis Jacques can be reached on (571) 272-6962. The fax phone 
number for the organization where this application or proceeding is assigned is (571) 



Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



273-8300. 





